TSCM activity at an all-time high
As many people may know, most companies spend 90% of their budgets on cyber security. One area of security is largely overlooked, and it gives adversaries an easy vector to executives, Government employees and others; it also shows why counterintelligence is a key function in your security program. This is one of the reasons we developed the Jigsaw Threat Mitigation Model: to prevent issues outside of the cyber security realm. As a cyber security company, we often get called in on those incidents, but there is a growing need for non-cyber-security assistance, which many MSSPs don't provide. Technical Surveillance Countermeasures (TSCM) is a dying art. Many of the individuals that trained me over the last 20+ years are now deceased or have retired and are no longer providing services. A few equipment manufacturers provide training. We have found that many of these companies don't teach the fundamentals but instead concentrate on training so that they can sell their hardware devices.
These real-world threats are real. We get called out many times during elections because of eavesdropping activity between political rivals, but companies should be on the lookout for other threats targeting their enterprise.
While cyber is a preferred method of attack due to the onslaught of vulnerabilities, many threats start in the physical space. By monitoring employees, executives and physical spaces, adversaries can then gain a foothold into the company using other methods. Our Jigsaw Threat Mitigation Model outlines key areas that you should be monitoring but that are sometimes overlooked by corporate security teams.
The real problem comes when physical vulnerabilities are then used to gain a cyber foothold. Our introduction to TSCM course (we have one scheduled for 11 January through 15 January in Charlotte, North Carolina) will cover these topics and more. If 90% of the security funds are spent on cyber security defense, that doesn't leave much in the way of funding to tackle technical surveillance threats.
The Jigsaw Threat Mitigation Model - Levels of Protection
While you are focused on cyber, adversaries are targeting your employees through signals monitoring, dumpster diving or any number of other real-world threats, largely without detection. In a recent case, a very large company in the Midwest was lax in its physical hygiene. All it took was a single user throwing out information on a program that they were working on to attract attention from a competitor. Fortunately, we were able to detect the monitoring and stop the physical vulnerability before it became a bigger issue. A large defense contractor also observed similar activity, in the physical space and on social media, targeting its highly guarded company secrets that dealt with launching satellites into space and other sensitive technologies.
There are key metrics that companies and Government contractors can monitor to protect themselves from these types of attacks. This level of awareness only comes through real-world threats, exercises and training. Many companies do a fair job with cyber threats but fail miserably when handling targeted surveillance threats. All it takes is one user to make a mistake, and access is granted to enterprise and internal systems. This is why corporate executives shouldn't be using the same network as employees, and why sensitive information should be compartmentalized.
Again, we are offering an introductory course January 11th through the 15th, 2021 in Charlotte, North Carolina. This class is open to US citizens and you must register in advance to attend. Registration for the class is available on this page.
Read more about the Jigsaw Threat Mitigation Model here. This will prepare your organization for the upcoming CMMC requirements for Government contractors.
Please let us know if you have any questions or comments concerning our training. We look forward to meeting you and discussing better methods of ensuring that real-world security doesn't suffer from a lack of awareness concerning technical surveillance threats.